diff --git a/react-app/.snyk b/react-app/.snyk new file mode 100644 index 0000000..aad2770 --- /dev/null +++ b/react-app/.snyk @@ -0,0 +1,38 @@ +# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities. +version: v1.25.0 +ignore: {} +# patches apply the minimum changes required to fix a vulnerability +patch: + SNYK-JS-LODASH-567746: + - '@testing-library/jest-dom > lodash': + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > @babel/core > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > eslint > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > eslint-plugin-flowtype > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > html-webpack-plugin > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > webpack-manifest-plugin > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > @typescript-eslint/parser > @typescript-eslint/typescript-estree > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > eslint > inquirer > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > eslint > table > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > optimize-css-assets-webpack-plugin > last-call-webpack-plugin > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > react-dev-utils > inquirer > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > webpack-dev-server > http-proxy-middleware > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > @svgr/webpack > @babel/preset-env > @babel/plugin-transform-block-scoping > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > webpack-dev-server > portfinder > async > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > @svgr/webpack > @babel/preset-env > @babel/plugin-transform-classes > @babel/helper-define-map > lodash: + patched: '2022-10-08T21:05:15.578Z' + - react-scripts > jest-environment-jsdom-fourteen > jsdom > request-promise-native > request-promise-core > lodash: + patched: '2022-10-08T21:05:15.578Z' diff --git a/react-app/package-lock.json b/react-app/package-lock.json index 7e413e9..ecb7f41 100644 --- a/react-app/package-lock.json +++ b/react-app/package-lock.json @@ -1382,6 +1382,11 @@ "resolved": "https://registry.npmjs.org/@sheerun/mutationobserver-shim/-/mutationobserver-shim-0.3.3.tgz", "integrity": "sha512-DetpxZw1fzPD5xUBrIAoplLChO2VB8DlL5Gg+I1IR9b2wPqYIca2WSUxL5g1vLeR4MsQq1NeWriXAVffV+U1Fw==" }, + "@snyk/protect": { + "version": "1.1025.0", + "resolved": "https://registry.npmjs.org/@snyk/protect/-/protect-1.1025.0.tgz", + "integrity": "sha512-RK9tY2Aqujv5l9e/5nE4yiTilk8vxyB99VtJJ/6p9TZYhddCVQUUv+PNenhVVO3jkSD8/3gLWbPakIvQsFKynA==" + }, "@svgr/babel-plugin-add-jsx-attribute": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/@svgr/babel-plugin-add-jsx-attribute/-/babel-plugin-add-jsx-attribute-4.2.0.tgz", diff --git a/react-app/package.json b/react-app/package.json index ab07359..1a2d8ef 100644 --- a/react-app/package.json +++ b/react-app/package.json @@ -1,56 +1,60 @@ { - "name": "react-app", - "version": "0.1.0", - "private": true, - "dependencies": { - "@testing-library/jest-dom": "^4.2.4", - "@testing-library/react": "^9.4.0", - "@testing-library/user-event": "^7.2.1", - "axios": "^0.19.1", - "bloomer": "^0.6.5", - "bulma": "^0.8.0", - "gzipper": "^3.7.0", - "highlight.js": "^10.0.3", - "lz-string": "^1.4.4", - "moment": "^2.26.0", - "moment-timezone": "^0.5.31", - "react": "^16.12.0", - "react-dom": "^16.12.0", - "react-highlight": "^0.12.0", - "react-moment": "^0.9.7", - "react-redux": "^7.1.3", - "react-router-dom": "^5.1.2", - "react-scripts": "3.4.1", - "redux": "^4.0.5", - "redux-logger": "^3.0.6", - "reselect": "^4.0.0" - }, - "scripts": { - "start": "react-scripts start", - "build": "react-scripts build && gzipper --verbose ./build", - "test": "react-scripts test", - "eject": "react-scripts eject" - }, - "eslintConfig": { - "extends": "react-app" - }, - "browserslist": { - "production": [ - ">0.2%", - "not dead", - "not op_mini all" - ], - "development": [ - "last 1 chrome version", - "last 1 firefox version", - "last 1 safari version" - ] - }, - "proxy": "http://localhost:5000", - "devDependencies": { - "enzyme": "^3.11.0", - "enzyme-adapter-react-16": "^1.15.2", - "react-test-renderer": "^16.12.0", - "redux-mock-store": "^1.5.4" - } + "name": "react-app", + "version": "0.1.0", + "private": true, + "dependencies": { + "@testing-library/jest-dom": "^4.2.4", + "@testing-library/react": "^9.4.0", + "@testing-library/user-event": "^7.2.1", + "axios": "^0.19.1", + "bloomer": "^0.6.5", + "bulma": "^0.8.0", + "gzipper": "^3.7.0", + "highlight.js": "^10.0.3", + "lz-string": "^1.4.4", + "moment": "^2.26.0", + "moment-timezone": "^0.5.31", + "react": "^16.12.0", + "react-dom": "^16.12.0", + "react-highlight": "^0.12.0", + "react-moment": "^0.9.7", + "react-redux": "^7.1.3", + "react-router-dom": "^5.1.2", + "react-scripts": "3.4.1", + "redux": "^4.0.5", + "redux-logger": "^3.0.6", + "reselect": "^4.0.0", + "@snyk/protect": "latest" + }, + "scripts": { + "start": "react-scripts start", + "build": "react-scripts build && gzipper --verbose ./build", + "test": "react-scripts test", + "eject": "react-scripts eject", + "prepare": "npm run snyk-protect", + "snyk-protect": "snyk-protect" + }, + "eslintConfig": { + "extends": "react-app" + }, + "browserslist": { + "production": [ + ">0.2%", + "not dead", + "not op_mini all" + ], + "development": [ + "last 1 chrome version", + "last 1 firefox version", + "last 1 safari version" + ] + }, + "proxy": "http://localhost:5000", + "devDependencies": { + "enzyme": "^3.11.0", + "enzyme-adapter-react-16": "^1.15.2", + "react-test-renderer": "^16.12.0", + "redux-mock-store": "^1.5.4" + }, + "snyk": true }